Bugtraq mailing list archives

xlock clarification....

From: hedley () CS BRIS AC UK (David Hedley)
Date: Mon, 28 Apr 1997 13:30:08 +0100


Just to clarify the xlock problem for people (as I've received email
from several people who aren't sure if they're vulnerable or not). The
length of the parameter has to exceed 1024 bytes (as the buffer being
overflowed is 1024 characters). e.g. try: xlock -name xxxxx<insert 1000+x's>

Regards,

David
--
 David Hedley (hedley () cs bris ac uk)
 finger hedley () cs bris ac uk for PGP key
 Computer Graphics Group | University of Bristol | UK

Current thread:

Re: Digital UNIX/Irix mesg problem, (continued)
- - - Re: Digital UNIX/Irix mesg problem John Sheehy (Apr 29)
    - Access control on W3C httpd server Peter Lord (Apr 30)
    - vulnerabilities in kerberos David Sacerdote (Apr 29)
    - Sun Security Bulletin #00139 Sun Security Coordination Team (Apr 29)
  - SMASHING THE STACK: PREVENTION? massimo at vnet.ibm.com (Apr 28)
    - Re: SMASHING THE STACK: PREVENTION? Alex Belits (Apr 28)
    - Re: SMASHING THE STACK: PREVENTION? Thomas H. Ptacek (Apr 29)
- Re: Smashing the Stack: prevention? Tim Newsham (Apr 27)
- Re: Smashing the Stack: prevention? Joe Zbiciak (Apr 28)
- Re: Smashing the Stack: prevention? Daniel Ryde (Apr 28)
- xlock clarification.... David Hedley (Apr 28)
- Re: Smashing the Stack: prevention? Steve Coleman - SEWP (Apr 28)
- Re: Smashing the Stack: prevention? Alexander Snarskii (Apr 28)
- Re: Smashing the Stack: prevention? Michael Shields (Apr 28)
  - Re: Smashing the Stack: prevention? Theo de Raadt (Apr 28)
- Re: Smashing the Stack: prevention? Shawn Instenes (Apr 29)
- Re: Smashing the Stack: prevention? J.R.Valverde (Apr 28)
- Re: Smashing the Stack: prevention? Randal Schwartz (Apr 28)
  - Re: Smashing the Stack: prevention? Thomas H. Ptacek (Apr 29)
- Re: Smashing the Stack: prevention? J.R.Valverde (Apr 29)
- Re: Smashing the Stack: prevention? J.R.Valverde (Apr 29)